Overview

overview

10

Static

static

10

Battly-Lau...in.exe

windows11-21h2-x64

10

resources/...e.json

windows11-21h2-x64

3

resources/...e.json

windows11-21h2-x64

3

resources/...Me.txt

windows11-21h2-x64

3

resources/...e.json

windows11-21h2-x64

3

resources/...e.json

windows11-21h2-x64

3

resources/...ds.ejs

windows11-21h2-x64

3

resources/...ex.css

windows11-21h2-x64

3

resources/...n.icns

windows11-21h2-x64

3

resources/...on.ico

windows11-21h2-x64

3

resources/...on.png

windows11-21h2-x64

3

resources/...nd.png

windows11-21h2-x64

3

resources/...ar.png

windows11-21h2-x64

3

resources/...de.png

windows11-21h2-x64

3

resources/...en.png

windows11-21h2-x64

3

resources/...es.png

windows11-21h2-x64

3

resources/...fr.png

windows11-21h2-x64

3

resources/...it.png

windows11-21h2-x64

3

resources/...jp.png

windows11-21h2-x64

3

resources/...pt.png

windows11-21h2-x64

3

resources/...ru.png

windows11-21h2-x64

3

resources/...de.png

windows11-21h2-x64

3

resources/...en.png

windows11-21h2-x64

3

resources/...dex.js

windows11-21h2-x64

3

resources/.../de.js

windows11-21h2-x64

3

resources/.../en.js

windows11-21h2-x64

3

resources/.../es.js

windows11-21h2-x64

3

resources/.../fr.js

windows11-21h2-x64

3

resources/.../it.js

windows11-21h2-x64

3

resources/.../pt.js

windows11-21h2-x64

3

resources/...ain.js

windows11-21h2-x64

3

resources/...r.html

windows11-21h2-x64

5

Analysis

  • max time kernel
    86s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    02-09-2024 00:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app/src/assets/css/index.css

  • Size

    20KB

  • MD5

    9338a403220d934986f5dc738419174d

  • SHA1

    33d0a93608f28900b4771b49d88259b2f70350e7

  • SHA256

    2f281d5eb03f52a46514089fd0b0af408f02613a8fcef8d506dc01f590651d7c

  • SHA512

    cd92d15c6ee9d6d9ed78fa073406462d5f3b33cc9c198a693fa51f53889ba9f5ef2a498ea3f033ef7cad73b1248e4bad9afcad8246f5b98dcde3435399dca508

  • SSDEEP

    192:zIPPOBM/UfNLh38L6wLLd949+cZaxYPrunqm0LJ4nqBDmwsNSflfBWG+ngBmb:UFUf7ML6hPrDz+KfBWtg0

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\resources\app\src\assets\css\index.css
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:4204
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\resources\app\src\assets\css\index.css
      2⤵
      • Opens file in notepad (likely ransom note)
      PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads